How to Create a Windows NT/ Windows 2000 Service

Introduction

A Windows service is an EXE specially designed to communicate with the SCM (Service Control Manager) of Windows NT/2000. The Service Control Manager (SCM) maintains a database of installed services and driver services, and provides a unified and secure means of controlling them. SCM is started at system boot and it is a remote procedure call (RPC) server. As a developer to try a simple service, we can divide the program into four parts.

Main program of Win32 / Console Application.

A so called ServiceMain(), main program of Service. Entry point of a service.

A Service Control Handler, a function to communicate with SCM.

A Service Installer/ Uninstaller, to register an EXE as a Service.

Firstly, let us take a look at the Main program of the Console application (it can also be a WinMain()).

The only thing done by the main() is to fill a SERVICE_TABLE_ENTRY array. The position [0][0] contains the name of the Service (any string you like). Position [0][1] contains the name of the Service Main function, I specified in the list earlier. It actually is a function pointer to the Service main function. The name can be any thing. Now we start the first step to a service by calling StartServiceCtrlDispatcher() with the SERVICE_TABLE_ENTRY array. Note that the function signature should be of the form. The [1][0] and [1][1] positions are NULL, just to say the end of the array (not a must). We can add more entries to the list if we have more than one service running from the same EXE.

The declaration of a typical ServiceMain():

void WINAPI ServiceMain(DWORD argc, LPTSTR *argv)

Now, let us analyze our ServiceMain function.

The main steps of this function are:

Fill the SERVICE_STATUS structure with appropriate values to communicate with the SCM.

Register the Service Control Handler function said earlier in the list.

Call the actual processing functions.

For proceeding, we need two global variables here:

SERVICE_STATUS m_ServiceStatus;

SERVICE_STATUS_HANDLE m_ServiceStatusHandle;

The ServiceMain() can accept command line arguments just as any C++ main() function. The first parameter contains the number of arguments being passed to the service. There will always be at least one argument. The second parameter is a pointer to an array of string pointers. The first item in the array always points to the service name. The SERVICE_STATUS data structure is used to fill the current state of the Service and notify it to the SCM. We use an API function SetServiceStatus() for the purpose. The data members of SERVICE_STATUS to look for are:

dwControlsAccepted = SERVICE_ACCEPT_STOP; accepts Stop/Start only in Service control program, usually in the Control Panel (NT) / Administrative tools (2000). We can also set our service to accept PAUSE and CONTINUE functionality.

In the beginning of the ServiceMain(), we should set the dwCurrentState of SERVICE_STATUS to SERVICE_START_PENDING. This signals the SCM that the service is starting. If any error occurs in the way, we should notify the SCM by passing SERVICE_STOPPED. By default, the SCM will look for an activity from the service and if it fails to show any progress within 2 minutes, SCM kills that service.

The API function RegisterServiceCtrlHandler() is used to set the Service Control Handler Function of the Service with the SCM. The function takes two parameters as earlier, one service name (string) and the pointer to the Service Control Handler Function. That function should be with the signature.

Once we get till here, we now set dwCurrentState as SERVICE_RUNNING to notify that the service has started to function. The next step is to call the actual processing steps.

Now, let us analyze our Service Control Handler function:

The Service Control Handler function is used by the SCM to communicate to the Service program about a user action on the service, like a start, stop, pause or continue. It basically contains a switch statement to deal with each case. Here, we will call appropriate steps to clean up and terminate the process. This function receives an opcode which can have values like SERVICE_CONTROL_PAUSE, SERVICE_CONTROL_CONTINUE, SERVICE_CONTROL_STOP, SERVICE_CONTROL_INTERROGATE etc. We have to write appropriate steps on each.

Now Service Installer/ Uninstaller

For installing a service, we need to make some entries in the system registry. Windows has some APIs to do these steps, instead of using the registry functions. They are CreateService() and DeleteService(). For both these functions, we need to open the SCM database with appropriate rights. I prefer SC_MANAGER_ALL_ACCESS. For installing a service, first open the SCM by OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS). Then invoke the CreateService() with appropriate binary file path of our service. Here also, we have to give the name of our service. We need this name if we want to delete a particular service. In deleting a service, we need to open the specific service first by its name and then invoke the DeleteService() on it. That’s all what we need. Take a look at the code given with it for more details.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.